subrepo: disallow symlink traversal across subrepo mount point (SEC) It wasn't easy to extend the pathauditor to check symlink traversal across subrepos because pathauditor._checkfs() rejects a directory having ".hg" directory. That's why I added the explicit islink() check. No idea if this patch is necessary after we've fixed the issue5730 by splitting submerge() into planning and execution phases.

tests: show symlink traversal across subrepo mount point (SEC) Also adds a couple of tests where the auditor does work as expected.

share: move config item declarations into core These config items control share behavior that is implemented in core. Since the functionality is implemented in core, extensions may leverage it. Mozilla has one such extension. And, it needs to access share.pool. Before this patch, a devel warning regarding accessing an unregistered config option would be issued unless the share extension were loaded. Moving the registration of the config options to core fixes this.

morestatus: don't crash with different drive letters for repo.root and CWD Previously, if there were unresolved files and the CWD drive was different from the repo drive, `hg status -v` would page the normal status, followed by the exception header. A stacktrace was waiting when the pager exited. The underlying cause was the same as f445b10dc7fb. Unfortunately, I don't see any reasonable way to write a test this [1]. [1] https://www.mercurial-scm.org/pipermail/mercurial-devel/2017-November/107401.html